added auto https

COSSAS · Dec 12, 2024 · b69c3da · b69c3da
1 parent 736e054
commit b69c3da
Showing 1 changed file with 79 additions and 61 deletions.
diff --git a/docker-compose.yaml b/docker-compose.yaml
@@ -1,61 +1,79 @@
-version: '3.7'
-services:
-  mongodb_container:
-    image: mongo:latest
-    container_name: mongo_soarca_stack
-    environment:
-      MONGO_INITDB_ROOT_USERNAME: "root"
-      MONGO_INITDB_ROOT_PASSWORD: "rootpassword"
-    networks:
-      - db-net
-    volumes:
-      - mongodb_data_container:/data/db
-
-  soarca:
-    build:
-      dockerfile: Dockerfile
-      args:
-        VERSION: "${GIT_VERSION}"
-    container_name: soarca_server
-    environment:
-      PORT: 8080
-      ENABLE_TLS: "false"
-      CERT_FILE: "/certs/server.crt"
-      CERT_KEY: "/certs/server.key"
-      MAX_EXECUTIONS: "1000"
-      SOARCA_ALLOWED_ORIGINS: "*"
-      GIN_MODE: "release"
-      MONGODB_URI: "mongodb://mongodb_container27017"
-      DATABASE_NAME: "soarca"
-      DB_USERNAME: "root"
-      DB_PASSWORD: "rootpassword"
-      PLAYBOOK_API_LOG_LEVEL: "trace"
-      DATABASE: "false"
-      MAX_REPORTERS: "5"
-      LOG_GLOBAL_LEVEL: "info"
-      LOG_MODE: "development"
-      LOG_FILE_PATH: ""
-      LOG_FORMAT: "json"
-      ENABLE_FINS: "false"
-      MQTT_BROKER: "localhost"
-      MQTT_PORT: "1883"
-      HTTP_SKIP_CERT_VALIDATION: "false"
-      # Integrations
-      THEHIVE_ACTIVATE: "false"
-      THEHIVE_API_TOKEN: "your_token"
-      THEHIVE_API_BASE_URL: "http://your.thehive.instance/api/v1/"
-      # Authentication
-      AUTH_ENABLED: "false"  
-      OIDC_PROVIDER: "https://authentikuri:9443/application/o/soarca/"
-      OIDC_CLIENT_ID: "some client ID"
-      OIDC_SKIP_TLS_VERIFY: "false"
-    ports:
-      - 127.0.0.1:8080:8080
-    depends_on:
-      - mongodb_container
-
-networks:
-  db-net:
-
-volumes:
-  mongodb_data_container:
+version: '3.7'
+services:
+  mongodb_container:
+    image: mongo:latest
+    container_name: mongo_soarca_stack
+    environment:
+      MONGO_INITDB_ROOT_USERNAME: "root"
+      MONGO_INITDB_ROOT_PASSWORD: "rootpassword"
+    networks:
+      - db-net
+    volumes:
+      - mongodb_data_container:/data/db
+
+  cert-generator:
+    image: alpine
+    container_name: cert-generator
+    volumes:
+      - certs_data_containter:/certs
+    environment:
+      - DOMAIN=localhost
+    command: >
+      sh -c "
+        apk add --no-cache openssl &&
+        cd /certs &&
+        openssl req -x509 -newkey rsa:4096 -keyout server.key -out server.crt -days 365 -nodes -subj '/CN=${DOMAIN}' &&
+        chmod 644 server.key server.crt
+      "
+  soarca:
+    build:
+      dockerfile: Dockerfile
+      args:
+        VERSION: "${GIT_VERSION}"
+    container_name: soarca_server
+    volumes:
+      - certs_data_containter:/app/certs
+    environment:
+      PORT: 8080
+      ENABLE_TLS: "true"
+      CERT_FILE: "/app/certs/server.crt"
+      CERT_KEY: "/app/certs/server.key"
+      MAX_EXECUTIONS: "1000"
+      SOARCA_ALLOWED_ORIGINS: "*"
+      GIN_MODE: "release"
+      MONGODB_URI: "mongodb://mongodb_container27017"
+      DATABASE_NAME: "soarca"
+      DB_USERNAME: "root"
+      DB_PASSWORD: "rootpassword"
+      PLAYBOOK_API_LOG_LEVEL: "trace"
+      DATABASE: "false"
+      MAX_REPORTERS: "5"
+      LOG_GLOBAL_LEVEL: "info"
+      LOG_MODE: "development"
+      LOG_FILE_PATH: ""
+      LOG_FORMAT: "json"
+      ENABLE_FINS: "false"
+      MQTT_BROKER: "localhost"
+      MQTT_PORT: "1883"
+      HTTP_SKIP_CERT_VALIDATION: "false"
+      # Integrations
+      THEHIVE_ACTIVATE: "false"
+      THEHIVE_API_TOKEN: "your_token"
+      THEHIVE_API_BASE_URL: "http://your.thehive.instance/api/v1/"
+      # Authentication
+      AUTH_ENABLED: "false"  
+      OIDC_PROVIDER: "https://authentikuri:9443/application/o/soarca/"
+      OIDC_CLIENT_ID: "some client ID"
+      OIDC_SKIP_TLS_VERIFY: "false"
+    ports:
+      - 127.0.0.1:8080:8080
+    depends_on:
+      - mongodb_container
+      - cert-generator
+
+networks:
+  db-net:
+
+volumes:
+  mongodb_data_container:
+  certs_data_containter: